{ "$schema": "http://cyclonedx.org/schema/bom-1.6.schema.json", "bomFormat": "CycloneDX", "specVersion": "1.6", "serialNumber": "urn:uuid:413814f7-ccec-5fe8-89ec-8b038bea0550", "version": 1, "metadata": { "tools": [ { "name": "tuxcare-vex-generator", "version": "1.0.0" } ] }, "components": [ { "bom-ref": "pkg:npm/handlebars@1.3.0", "type": "library", "name": "handlebars", "version": "1.3.0", "purl": "pkg:npm/handlebars@1.3.0" } ], "vulnerabilities": [ { "bom-ref": "urn:uuid:de65f028-d912-5e94-a179-540706e6f969", "id": "CVE-2015-8857", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8857 affects version 1.3.0 of handlebars." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:73e7e15e-6b83-59ec-9e0f-3f7b71b34168", "id": "CVE-2015-8858", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2015-8858 affects version 1.3.0 of handlebars." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:1f3c0eae-e6e5-5638-9538-3dd65234de3a", "id": "CVE-2026-33937", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33937 affects version 1.3.0 of handlebars." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:996959f9-ed60-50a4-b571-7634f4cdd48c", "id": "CVE-2026-33938", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33938 affects version 1.3.0 of handlebars." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:dc949a56-82e4-5114-a7d9-4925b698c838", "id": "CVE-2026-33939", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33939 affects version 1.3.0 of handlebars." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:10e6c5a9-c400-5e03-8390-22ed5b8a27b1", "id": "CVE-2026-33940", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33940 affects version 1.3.0 of handlebars." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:49d25e39-8e1b-5167-88ff-8b6133b667b2", "id": "CVE-2026-33941", "analysis": { "state": "exploitable", "detail": "Vulnerability CVE-2026-33941 affects version 1.3.0 of handlebars." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:e7d54de2-ff8e-5c79-9f88-0d04371699a8", "id": "GHSA-442j-39wm-28r2", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-442j-39wm-28r2 affects version 1.3.0 of handlebars." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:f5f4b430-b741-55fd-8f66-b3e926c0fe97", "id": "GHSA-6r5x-hmgg-7h53", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-6r5x-hmgg-7h53 is a false positive for handlebars 1.3.0." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:a71860a8-a132-5185-a0bc-4f278a9b2f0a", "id": "GHSA-7rx3-28cr-v5wh", "analysis": { "state": "exploitable", "detail": "Vulnerability GHSA-7rx3-28cr-v5wh affects version 1.3.0 of handlebars." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }, { "bom-ref": "urn:uuid:776d3992-ca4b-59fe-a415-411733eebe2f", "id": "GHSA-fmr4-7g9q-7hc7", "analysis": { "state": "false_positive", "detail": "Vulnerability GHSA-fmr4-7g9q-7hc7 is a false positive for handlebars 1.3.0." }, "affects": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] } ], "dependencies": [ { "ref": "pkg:npm/handlebars@1.3.0" } ] }